Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Google this week released detailed information about the process the company uses for handling data deletion requests by enterprises using its cloud services.

In a whitepaper titled Data Deletion on Google Cloud Platform, the company explains how the process is designed to ensure safe and effective deletion of data from active systems, backup volumes and physical storage media.

Generally, prior to deletion all customer data on Google cloud is encrypted at rest, replicated on active systems to ensure uninterrupted availability and copied to backup systems as protection against loss and to ensure data integrity.

Further reading

Enterprises can ask for their entire account to be deleted, or just the data associated with a specific cloud project or resource. When any data is flagged for deletion, Google marks it as deleted and makes it unavailable for further use. However, the company implements a grace period before beginning to actually logically delete the data to ensure that organizations have a way to recover anything that may have been deleted by mistake, Google said in its whitepaper.

After the grace period has ended, Google uses one of two methods to delete data from active systems—cryptographic erasure and what it calls a mark-and-sweep garbage collection process where the deleted data is completely overwritten over time. Google uses a similar process of overwriting data or using cryptographic methods for deleting customer data from backup storage.

"Long after deletion has occurred, the final step in assuring deletion is to securely decommission our physical storage media," said Eric Chiang, product manager with Google's cloud security and privacy group.

Google's media sanitization process is designed to ensure that deleted data on decommissioned storage media is completely irrecoverable through forensic or laboratory attacks. Hard drives that have been retired are overwritten with zeros and go through a multistep inspection process to ensure they contain no recoverable data.

All physical storage equipment with the company's data centers is tracked—via asset tags and bar codes—from acquisition and installation through destruction. According to Google, it also employs a slew of methods, such as metal detection, biometric identification, laser-based intrusion detection systems and vehicle barriers, to prevent equipment from leaving its data centers in unauthorized fashion.

In instances where a storage media cannot be securely erased, Google physically destroys it by either crushing and deforming the drive or shredding it to bits before recycling.

Google's latest whitepaper is part of an ongoing effort by the company to inform enterprises about the measures it takes to ensure that enterprise data is securely handled in the cloud. Although organizations have been moving more workloads to the cloud in recent years, concerns about unauthorized access and data leaks continue to persist and, in many cases, hamper cloud adoption.

Just earlier this week, Google released another whitepaper, this one describing the company's process for responding to incidents involving the confidential, integrity and availability of customer data on Google Cloud Platform. Recently, the company also released a new tool that gives enterprises a way to monitor any access to their cloud workloads by Google administrators and support staff.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.